author | Tom Lane <tgl@sss.pgh.pa.us> | 2019-11-05 14:27:37 -0500 |
---|---|---|
committer | Tom Lane <tgl@sss.pgh.pa.us> | 2019-11-05 14:27:37 -0500 |
commit | 0238a50283a3bd4fa78e185ec09772d743b9ad23 (patch) | |
tree | ea4c6729492cb7ba39ceb0126fbbe33bed2bca81 /src | |
parent | 5ee8f0fe13b42e6a7711496676385a4ce02e9c5a (diff) |
Avoid logging complaints about abandoned connections when using PAM.
For a long time (since commit aed378e8d) we have had a policy to log
nothing about a connection if the client disconnects when challenged
for a password. This is because libpq-using clients will typically
do that, and then come back for a new connection attempt once they've
collected a password from their user, so that logging the abandoned
connection attempt will just result in log spam. However, this did
not work well for PAM authentication: the bottom-level function
pam_passwd_conv_proc() was on board with it, but we logged messages
at higher levels anyway, for lack of any reporting mechanism.
Add a flag and tweak the logic so that the case is silent, as it is
for other password-using auth mechanisms.
Per complaint from Yoann La Cancellera. It's been like this for a while,
so back-patch to all supported branches.
Discussion: https://postgr.es/m/CACP=ajbrFFYUrLyJBLV8=q+eNCapa1xDEyvXhMoYrNphs-xqPw@mail.gmail.com
Diffstat (limited to 'src')
-rw-r--r-- | src/backend/libpq/auth.c | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 2fbf56d636a..ffa18f1bf89 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -103,6 +103,7 @@ static struct pam_conv pam_passw_conv = {
 static char *pam_passwd = NULL; /* Workaround for Solaris 2.6 brokenness */
 static Port *pam_port_cludge; /* Workaround for passing "Port *port" into
 * pam_passwd_conv_proc */
+static bool pam_no_password; /* For detecting no-password-given */
 #endif /* USE_PAM */
@@ -2106,8 +2107,10 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message **msg,
 {
 /*
 * Client didn't want to send password. We
- * intentionally do not log anything about this.
+ * intentionally do not log anything about this,
+ * either here or at higher levels.
 */
+ pam_no_password = true;
 goto fail;
 }
 }
@@ -2166,6 +2169,7 @@ CheckPAMAuth(Port *port, char *user, char *password)
 */
 pam_passwd = password;
 pam_port_cludge = port;
+ pam_no_password = false;
 /*
 * Set the application data portion of the conversation struct. This is
@@ -2251,22 +2255,26 @@ CheckPAMAuth(Port *port, char *user, char *password)
 if (retval != PAM_SUCCESS)
 {
- ereport(LOG,
- (errmsg("pam_authenticate failed: %s",
- pam_strerror(pamh, retval))));
+ /* If pam_passwd_conv_proc saw EOF, don't log anything */
+ if (!pam_no_password)
+ ereport(LOG,
+ (errmsg("pam_authenticate failed: %s",
+ pam_strerror(pamh, retval))));
 pam_passwd = NULL; /* Unset pam_passwd */
- return STATUS_ERROR;
+ return pam_no_password ? STATUS_EOF : STATUS_ERROR;
 }
 retval = pam_acct_mgmt(pamh, 0);
 if (retval != PAM_SUCCESS)
 {
- ereport(LOG,
- (errmsg("pam_acct_mgmt failed: %s",
- pam_strerror(pamh, retval))));
+ /* If pam_passwd_conv_proc saw EOF, don't log anything */
+ if (!pam_no_password)
+ ereport(LOG,
+ (errmsg("pam_acct_mgmt failed: %s",
+ pam_strerror(pamh, retval))));
 pam_passwd = NULL; /* Unset pam_passwd */
- return STATUS_ERROR;
+ return pam_no_password ? STATUS_EOF : STATUS_ERROR;
 }
 retval = pam_end(pamh, retval); |
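Review bot: The new `pam_no_password` declaration in the first hunk carries only "For detecting no-password-given", which does not say who sets the flag or how long its value can be trusted; it is file-scope state, like the neighbouring `pam_passwd` and `pam_port_cludge` workarounds, written from inside the PAM conversation callback and reset at the top of CheckPAMAuth, so a reader of the declaration alone cannot tell that a stale `true` from an earlier attempt is impossible. I would widen the comment to `/* Set by pam_passwd_conv_proc when the client sent no password (EOF); reset on every CheckPAMAuth entry and read only on its failure paths */`. The enclosing `#ifdef USE_PAM` region begins before this hunk, and the `fail` label that the callback jumps to is outside the second hunk, so I am inferring the set/reset ordering from the hunks shown rather than from the full functions.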